Cloudflare setup making problem with letsencrypt

After setting up Cloudflare, when I install Let’s Encrypt through the ee command, it says:

Unable to setup, Let’s Encrypt Please make sure that your site is pointed to same server on which you are running Let’s Encrypt Client to allow it to verify the site automatically.

I just unclick the cloud in my DNS record. If I remember correctly, it takes a bit before it starts working again/propagates. If you want all the Cloudflare jazz, it might be easier to use CF’s certs.

Hello,

Let’s Encrypt isn’t able to generate an SSL certificate because it only sees the Cloudflare server’s IP instead of your server IP. You can disable the Cloudflare proxy to generate your SSL certificate, or use Cloudflare SSL Origin certificates instead of Let’s Encrypt.
A tutorial is available in my knowledge base:

Thanks @wcat, @virtubox for your valuable response.
Thanks for the tutorial.

@virtubox I am using DO, and inside the DO networking section I have assigned A records to my server IP, but I am still not able to create the LE SSL.

Another problem: I have created a site demo.mydomain.com and also added it to the DO networking section. When I access demo.mydomain.com, it says

Error 526 Invalid SSL certificate

How do I rectify this problem?

In the Cloudflare Crypto section, which SSL mode must I choose? With the Cloudflare SSL off I can’t reach my site, and if I choose full/full-strict then I am not able to renew the SSL.

What should I do? Please help.

@Anita Follow the instructions found on this link (URGENT - Letsencrypt not working after expired?) in order to remove the old SSL Certificate and then install the new one.

@Onisiforos Thanks buddy.

Earlier I was able to renew my LE SSL, but now the issue is that LE is not able to renew/install when Cloudflare is enabled.

My query is: how do I renew/install the LE SSL when Cloudflare is enabled?

@Anita Make sure you enable Full (Strict) mode in the Crypto tab of Cloudflare.

Also make sure that you have two A records which point to the same IP on Cloudflare and that the cloud is orange.

A Records Examples

example.com 1.2.3.4

www 1.2.3.4

@Onisiforos Thanks.

I have set it up the same way you mentioned.

One thing: does www need to be an A record or a CNAME record?

Please have a look at the image and see whether anything needs to change in the other settings.

@Anita Your SSL settings on Cloudflare seem fine.

The WWW needs to be an A record.

OK @Onisiforos. I have created an A record for www.

Should I keep the A, CNAME, NS records on DigitalOcean or delete them from DigitalOcean?

I am still getting this result:

Secure Connection Failed

Cannot communicate securely with peer: no common encryption algorithm(s). Error code: SSL_ERROR_NO_CYPHER_OVERLAP

I think I must wait a little while for it to work properly.

@Anita Your DNS must be only on CloudFlare. Finally, if you are using Firefox, make sure that your browser is up to date. The error you attached to your reply seems to be a browser issue.

All my browsers are updated. In the morning it was working fine and opening in all browsers with LE SSL enabled.
But when I started using Cloudflare and messed with the SSL part on Cloudflare, it stopped being accessible.

IDK what the issue is…

@Anita As I am unable to see your DNS configuration and access your server, I am afraid I cannot assist you any further.

The only thing that remains is that I can make an assumption that you didn’t edit your database in order to change any urls from http:// to https://

To do that, first back up your database and then use the following commands.

cd /var/www/example.com/htdocs/
sudo wp search-replace "http://example.com" "https://example.com"

If you are using root the commands above will become

cd /var/www/example.com/htdocs/
wp search-replace "http://example.com" "https://example.com" --allow-root
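
A pre-flight check for the cause given earlier in this thread, that Let’s Encrypt sees a Cloudflare IP instead of the server IP. This is an added example, not code from any poster or from EasyEngine; the function names, the sample addresses and the embedded snapshot of Cloudflare's published IPv4 ranges are assumptions of the example.

```python
import ipaddress
import socket

# Snapshot of Cloudflare's published IPv4 edge ranges
# (https://www.cloudflare.com/ips-v4); refresh it before relying on it.
CLOUDFLARE_V4 = [ipaddress.ip_network(n) for n in (
    "173.245.48.0/20", "103.21.244.0/22", "103.22.200.0/22", "103.31.4.0/22",
    "141.101.64.0/18", "108.162.192.0/18", "190.93.240.0/20", "188.114.96.0/20",
    "197.234.240.0/22", "198.41.128.0/17", "162.158.0.0/15", "104.16.0.0/13",
    "104.24.0.0/14", "172.64.0.0/13", "131.0.72.0/22",
)]


def classify(resolved_ips, origin_ip):
    """Say where a validation request for the hostname would land.

    "unresolved": no A records were returned
    "cloudflare": at least one record is a Cloudflare edge IP (orange cloud)
    "origin":     every record is the server itself (grey cloud / DNS only)
    "elsewhere":  records point at some other host (stale or wrong entry)
    """
    origin = ipaddress.ip_address(origin_ip)
    addrs = [ipaddress.ip_address(ip) for ip in resolved_ips]
    if not addrs:
        return "unresolved"
    if any(a in net for a in addrs for net in CLOUDFLARE_V4):
        return "cloudflare"
    if all(a == origin for a in addrs):
        return "origin"
    return "elsewhere"


def resolve_v4(hostname):
    """Live A-record lookup (needs network; the samples below do not use it)."""
    infos = socket.getaddrinfo(hostname, 80, socket.AF_INET, socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})


if __name__ == "__main__":
    # Constructed sample data: 203.0.113.10 stands in for the server's IP.
    origin = "203.0.113.10"
    samples = {
        "grey cloud (DNS only)": ["203.0.113.10"],
        "orange cloud (proxied)": ["104.21.5.7", "172.67.1.9"],
        "stale record": ["198.51.100.4"],
    }
    for label, ips in samples.items():
        print(f"{label:24} -> {classify(ips, origin)}")
```

On the server, `classify(resolve_v4("example.com"), "<server IP>")` gives the live answer for both the bare domain and `www` before the certificate is requested.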